Results 1 to 7 of 7
  1. #1

    Is this a hacking attempt?

    I have a PHP image script that accepts image uploads and stores it in a directory on the server. When reviewing the error log, I saw the following:

    File does not exist: /home/mysite/public_html/imagephpscript/data/ai9fark/\xd7\xaa\xd7\x9e\xd7\x95\xd7\xa0\xd7\x94 \xd7\x91\xd7\x9b\xd7\x97\xd7\x95\xd7\test.gif

    Could this be a hacking attempt? It seems the user uploaded a really strange file name:

    \xd7\xaa\xd7\x9e\xd7\x95\xd7\xa0\xd7\x94 \xd7\x91\xd7\x9b\xd7\x97\xd7\x95\xd7\test.gif


  2. #2
    Join Date
    May 2005
    Chicago, IL USA

    The hash marks usually are the results of viruses, worms and other automatic programs attempting to access your server. I assume you went in as root and did a locate for test.gif? If not, do it. And check your PHP temp directory.

    In the meantime get your self a copy of LogWatch and install it. This will notify you at regular intervals of any activity on your server.

    - HostNexus Mike
    ||| Mike Bowers - Marketing Director
    ||| atOmicVPS LTD
    ||| OnApp Powered Linux & Windows Cloud Hosting ► [Shared] ► [Reseller] ► [VPS]
    ||| Follow the atOmicVPS Blog

  3. #3
    Thanks. I didn't know bots can actually interact with a php form, such as select a file and upload it by pressing submit? I thought they usually only manipulate URLs by adding commands to the end of them.

  4. #4
    Join Date
    May 2005
    Try to install mod_security with some good rules.. It will be really helpfull for you..

  5. #5
    Join Date
    Oct 2004
    Mod_sec rules have really helped to stop those kinda attacks. And those attempts were definitely intended with bad intentions.
    ESC :wq!

  6. #6
    Thanks guys. Unfortunately I'm on a reseller account, and can't install custom modules. Anything I can do to better improve security with one hand tied?

  7. #7
    Join Date
    Nov 2004
    Why don't you consider to move to a VPS... they are not that expensive, I mean it worth it

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts